I've prepared an analysis about the use of vulnerability assessment systems and intrusion detection systems in your company, just like you asked me. You specifically asked whether the use of both systems will be a waste of resources and a duplication of efforts. My analysis suggests that VAS and IDS have separate internal functions for the security of the computer systems and both must be a part of a computer system for complete security control.
Vulnerability assessment systems are those security scanning tools that assess level of threat that can penetrate a system. The main job of such tools is to scan networks, servers, firewalls, routers, and applications and report system vulnerabilities. "Generally, the tools can detect known security flaws or bugs in software and hardware, determine if the systems are susceptible to known attacks and exploits, and search for system vulnerabilities such as settings contrary to established security policies". (Becker, 1999)
New threats are discovered each day thus the vulnerability assessment tools must be updated regularly. Any new weaknesses such as security flaws and bugs would need to be patched in the system so that no holes left for malwares, viruses, spywares etc. to infect the system. ...Show more